Sandor Molnar created AMBARI-24913:
--------------------------------------
Summary: Update ldap-configuration category in Ambari
Configurations data to contain properties to aid in automated LDAP configuration
Key: AMBARI-24913
URL: https://issues.apache.org/jira/browse/AMBARI-24913
Project: Ambari
Issue Type: Task
Components: ambari-server, security
Affects Versions: 2.7.0
Reporter: Sandor Molnar
Assignee: Sandor Molnar
Fix For: 2.8.0
Update {{ldap-configuration}} category in Ambari Configurations data to contain
properties to aid in automated LDAP configuration:
* {{ambari.ldap.manage_services}}
** This property is used to indicate whether Ambari is to manage relevant
services' LDAP configurations or not ("true" | "false")
* {{ambari.ldap.enabled_services}}
** This property is used to declare what services are expected to be
configured for LDAP and is expected to be a comma-delimited list of services or
"{{*}}" to indicate all services.
Examples:
{code:java|title=All services}
"ambari.ldap.manage_services":"true",
"ambari.ldap.enabled_services":"*"
{code}
{code:java|title=Only Ranger}
"ambari.ldap.manage_services":"true",
"ambari.ldap.enabled_services":"Ranger"
{code}
{code:java|title=Ranger, and Atlas}
"ambari.ldap.manage_services":"true",
"ambari.ldap.enabled_services":"Ranger, Atlas"
{code}
{code:java|title=Do not manage services}
"ambari.ldap.manage_services":"false",
"ambari.ldap.enabled_services":""
{code}
Each service in the set of services should have indicated it supports LDAP (see
BUG-114409) else it will silently be ignored.
This value should be set via Ambari's REST API or a Blueprint.
Upon setting this value via the Ambari REST API, it is expected that internal
logic will be triggered to ensure the relevant services in the list are
configured for LDAP or not configured for LDAP as the case may be.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
